IBM Security Verify

Shape the future of IBM Security Verify

We invite you to shape the future of IBM, including the product roadmap, by submitting ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Submit a private idea

If you have confidential information or customer data to share with your idea, then - DO NOT submit using the link below, instead - please open a private feature request.

And finally - if its an issue with expected behaviour, a product defect or a support need, open a Support Case

Separate SV Launcher Tools access to Web Services from that of 3rd Party Integrations

There is not currently a way to restrict access to the Web Services function from Integrations such a Remote Desktop Manager, without at the same time, also breaking the Web Session Recording feature.

  • Guest
  • Nov 20 2020
  • Not under consideration
  • Admin
    PHILIP NYE commented
    17 Mar, 2021 03:26am

    This Enhancement will be closed in this system, as this is the tracking tool for IBM Security Verify SaaS, it will be tracked however by an internal process.

    Thanks!

  • Guest commented
    16 Mar, 2021 09:52am

    Hi Adam,

    Let me provide a suggestion on how I would do it in a simple way to highlight what I see as a needed option.


    Copy the existing webservices api and give it a new name like nativeservices.

    Move the SS features of Web Session Recording and perhaps the Remote Connection Manager to use this new api/call/hook.

    Now provide a toggle option to enable and disable this nativeservices in the same way I can disable webservices.

    This now gives me the ability to "Separate SV Launcher Tools access to Web Services from that of 3rd Party Integrations".


    I can then turn off products like RDM from Devolutions should I choose to, without breaking the WebSesssion recording features that currently rely on this shared service.


    Trusted applications would be Web Session Recording call, RCM from Thy and IBM environment equivalent.


  • Guest commented
    9 Dec, 2020 05:33am

    Confirming this is a SS RFE. At the moment, 3rd party programs such as Devolutions Remote Desktop Manager can communicate with the SS.

    The only way to stop this 3rd party access, is to turn off the Web Services function. When this action is taken to secure the SS, it breaks the use of the SS launcher tools.

    It would be good to have a boundary of privilege, so that trusted internal parts of SS, like the Launchers and Web Session recording continue to function.

    It is undesirable to have to disable a SS feature to stop a 3rd party getting access.

  • Guest commented
    9 Dec, 2020 03:53am

    We just want to clarify here as the idea that was submitted seems to be for another product. We believe that this is an RFE for IBM Secret Server, is that correct?

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.